UGN Security Forums UGN Security: Underground General Accesing a system remotely

Hi, I'm new here, but not new to computers. This may be the wrong forum to post this in, but I will statrt here.
Recently I got into a discussion with someone, and he made the following statement
"First of all it's impossible for someone to just "scan" a hard drive without proper software and permission"
I told him he was WRONG WRONG WRONG
But he insists, that no one can log on/get access/scan your hardrive, unles you allow it.
Now this is "true" up to a point, IE Firewalls and such, but those still have weak points.
My question to you is.
Was I wrong in stating that unless you have a closed system, IE NO connection to anywhere, you are STILL vunerable to a possible attempt to scan and hack your system
Thanks

In theory, if there is a wire coming out of the back of your computer connected to the net then you are potentially at risk. However, the possibility of getting into a machine with absolutely no open ports is damn near impossible, and definately beyond the power of the majority of humans on the net.

Infinite

unless you have internet explorer, then ur fuct

Well you are saying to different things. ""First of all it's impossible for someone to just "scan" a hard drive without proper software and permission" You are slightly ambiguous here in that you scan a hard drive. Obviously there are many interpretations to this statement but I'll take it as accessing files stored on a hard drive over the network. This type of access does require some type of misconfiguration on the part of the user (And sometimes the OS developer) In reality, your friends statement is true. If I completely remove any and all protocols related to file sharing over a network then you won't be able to view them. Now your ambiguity extends further with this statement "But he insists, that no one can log on/get access/scan your hardrive". Now I would assume you are talking about access beyond and including simple file access. In reality, it does take the user misconfiguring something again or poor development. If you close all listening ports on a machine all that's left to attack is 1, the user with things like malicious pages/scripts/etc, or 2, attack the network stack itself. For the latter, good luck.